Knowledge Management

Deployment server

sekhar123
New Member

What is meant by deployment server and what does it do?

Labels (2)
0 Karma

sekhar123
New Member

Thank you for the reply gcusello

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @sekhar123,

Read the documentation and implement a lab to fully understand the advantages using the Forwarder Management feature using a Deployment Server.

let me know if I can help you more, or, please, accept one answer for the other people of Community.

Ciao and happy splunking

Giuseppe

P.S.: Karma Points are appreciated 😉

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Hi

if you already have any CI/CD system up and running you could it instead of setting up DS.

Currently the biggest issues with DS are:

  • you cannot install/ update UF with it “natively” (doable wit own scripts)
  • you cannot serialize configuration installation and reboot e.g. parallel HFs

But if you haven’t already working system, you should use it.

r. Ismo

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @sekhar123,

as you can read at https://docs.splunk.com/Documentation/Splunk/9.0.5/Updating/Aboutdeploymentserver , a Deployment Server is a role that assume Splunk Enterprise in complex architectures.

Starting from the beginning:

it permits to push configurations to Universal and Heavy Forwarders in centralized way avoiding to access each of them one by one for each configuration update.

It can reside in a Splunk Server shared with other roles if it has to manage less than 50 clients, otherwise a dedicated server is required.

It's a full Splunk Enterprise installation without using the features of indexing and searching, but only Forwarder Management.

I hint to analyze it because it's a fondamental role in each Splunk architecture, as you can read at https://www.splunk.com/en_us/pdfs/tech-brief/splunk-validated-architectures.pdf

Ciao.

Giuseppe

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...